185.132.53.121

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: MO's Operations GmbH

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Invalid user ubnt from 185.132.53.121 port 39550	2020-04-04 05:28:47

Comments on same subnet:

IP	Type	Details	Datetime
185.132.53.115	attackspambots	Invalid user admin from 185.132.53.115 port 35110	2020-10-14 01:18:44
185.132.53.115	attack	Oct 13 10:06:29 ns1 sshd[78677]: Did not receive identification string from 185.132.53.115 port 44168 Oct 13 10:06:33 ns1 sshd[78678]: Unable to negotiate with 185.132.53.115 port 40660: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Oct 13 10:06:49 ns1 sshd[78680]: Unable to negotiate with 185.132.53.115 port 41618: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Oct 13 10:07:05 ns1 sshd[78682]: Unable to negotiate with 185.132.53.115 port 42644: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Oct 13 10:07:20 ns1 sshd[78684]: Unable to negotiate with 185.132.53.115 port 43726: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-e ...	2020-10-13 16:28:43
185.132.53.115	attackbotsspam	Oct 12 20:59:42 targaryen sshd[6336]: Invalid user admin from 185.132.53.115 Oct 12 20:59:56 targaryen sshd[6338]: Invalid user admin from 185.132.53.115 Oct 12 21:00:12 targaryen sshd[6343]: Invalid user admin from 185.132.53.115 Oct 12 21:00:27 targaryen sshd[6345]: Invalid user admin from 185.132.53.115 ...	2020-10-13 09:00:50
185.132.53.85	attack	SSH Brute Force (V)	2020-10-11 01:03:15
185.132.53.85	attackspambots	Unauthorized connection attempt detected from IP address 185.132.53.85 to port 22	2020-10-10 16:54:57
185.132.53.14	attackbotsspam	Oct 9 01:11:02 elp-server sshd[85411]: Unable to negotiate with 185.132.53.14 port 48206: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Oct 9 01:11:19 elp-server sshd[85417]: Unable to negotiate with 185.132.53.14 port 48212: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Oct 9 01:11:36 elp-server sshd[85423]: Unable to negotiate with 185.132.53.14 port 48258: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] ...	2020-10-09 07:35:57
185.132.53.14	attackspam	(sshd) Failed SSH login from 185.132.53.14 (DE/Germany/vps32.virtual4host.pt): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 8 11:51:30 server sshd[22256]: Did not receive identification string from 185.132.53.14 port 55218 Oct 8 11:51:58 server sshd[22312]: Failed password for root from 185.132.53.14 port 33202 ssh2 Oct 8 11:52:15 server sshd[22379]: Invalid user oracle from 185.132.53.14 port 33402 Oct 8 11:52:16 server sshd[22379]: Failed password for invalid user oracle from 185.132.53.14 port 33402 ssh2 Oct 8 11:52:35 server sshd[22457]: Failed password for root from 185.132.53.14 port 33592 ssh2	2020-10-09 00:07:57
185.132.53.14	attackbotsspam	Oct 8 09:38:37 sd-69548 sshd[84133]: Unable to negotiate with 185.132.53.14 port 35272: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Oct 8 09:38:55 sd-69548 sshd[84153]: Unable to negotiate with 185.132.53.14 port 58052: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] ...	2020-10-08 16:03:26
185.132.53.115	attackbotsspam	Oct 6 22:25:15 nas sshd[30358]: Failed password for root from 185.132.53.115 port 42610 ssh2 Oct 6 22:25:31 nas sshd[30780]: Failed password for root from 185.132.53.115 port 40618 ssh2 ...	2020-10-07 04:51:46
185.132.53.124	attack	Oct 6 11:27:26 alfc-lms-prod01 sshd\[25821\]: Invalid user user from 185.132.53.124 Oct 6 11:27:33 alfc-lms-prod01 sshd\[25825\]: Invalid user git from 185.132.53.124 Oct 6 11:27:41 alfc-lms-prod01 sshd\[25827\]: Invalid user postgres from 185.132.53.124 ...	2020-10-07 04:24:11
185.132.53.115	attack	Icarus honeypot on github	2020-10-06 20:57:26
185.132.53.124	attackspambots	Oct 6 11:27:26 alfc-lms-prod01 sshd\[25821\]: Invalid user user from 185.132.53.124 Oct 6 11:27:33 alfc-lms-prod01 sshd\[25825\]: Invalid user git from 185.132.53.124 Oct 6 11:27:41 alfc-lms-prod01 sshd\[25827\]: Invalid user postgres from 185.132.53.124 ...	2020-10-06 20:28:16
185.132.53.115	attack	Oct 6 06:18:41 ns382633 sshd\[16857\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.132.53.115 user=root Oct 6 06:18:43 ns382633 sshd\[16857\]: Failed password for root from 185.132.53.115 port 39806 ssh2 Oct 6 06:18:55 ns382633 sshd\[16861\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.132.53.115 user=root Oct 6 06:18:58 ns382633 sshd\[16861\]: Failed password for root from 185.132.53.115 port 33824 ssh2 Oct 6 06:19:11 ns382633 sshd\[17121\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.132.53.115 user=root	2020-10-06 12:38:44
185.132.53.124	attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-06 12:07:49
185.132.53.124	attackbots	fail2ban detected bruce force on ssh iptables	2020-10-06 05:46:28

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 185.132.53.121
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56957
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;185.132.53.121.			IN	A

;; AUTHORITY SECTION:
.			585	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040301 1800 900 604800 86400

;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 04 05:28:44 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 121.53.132.185.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 121.53.132.185.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.145	attackbotsspam	Jun 29 21:43:24 gestao sshd[5748]: Failed password for root from 218.92.0.145 port 27660 ssh2 Jun 29 21:43:28 gestao sshd[5748]: Failed password for root from 218.92.0.145 port 27660 ssh2 Jun 29 21:43:32 gestao sshd[5748]: Failed password for root from 218.92.0.145 port 27660 ssh2 Jun 29 21:43:36 gestao sshd[5748]: Failed password for root from 218.92.0.145 port 27660 ssh2 ...	2020-06-30 04:51:33
140.143.57.195	attack	Jun 30 01:13:58 gw1 sshd[32010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.57.195 Jun 30 01:13:59 gw1 sshd[32010]: Failed password for invalid user yi from 140.143.57.195 port 48700 ssh2 ...	2020-06-30 04:18:51
45.134.179.57	attack	firewall-block, port(s): 13006/tcp, 13028/tcp, 13031/tcp, 13033/tcp, 13035/tcp, 13070/tcp, 13155/tcp, 13266/tcp, 13281/tcp, 13282/tcp, 13283/tcp, 13287/tcp, 13291/tcp, 13400/tcp, 13431/tcp, 13483/tcp, 13498/tcp, 13501/tcp, 13504/tcp, 13505/tcp, 13513/tcp, 13515/tcp, 13522/tcp, 13526/tcp, 13566/tcp, 13568/tcp	2020-06-30 04:27:28
123.23.127.15	attackspam	Honeypot attack, port: 81, PTR: PTR record not found	2020-06-30 05:01:25
51.75.17.122	attackspam	Jun 29 20:02:47 game-panel sshd[10142]: Failed password for root from 51.75.17.122 port 46032 ssh2 Jun 29 20:06:07 game-panel sshd[10288]: Failed password for root from 51.75.17.122 port 48554 ssh2	2020-06-30 04:35:11
42.225.188.209	attack	Jun 29 21:49:20 debian-2gb-nbg1-2 kernel: \[15718801.886690\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=42.225.188.209 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=106 ID=256 PROTO=TCP SPT=60198 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0	2020-06-30 04:43:54
202.143.112.117	attackspambots	Honeypot attack, port: 445, PTR: ftth-112-117.satcomm.pk.	2020-06-30 04:20:58
46.38.145.5	attackspam	2020-06-29T14:55:20.467812linuxbox-skyline auth[365691]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=itl rhost=46.38.145.5 ...	2020-06-30 04:57:17
222.186.30.167	attackbots	Jun 29 22:21:24 v22018053744266470 sshd[18470]: Failed password for root from 222.186.30.167 port 35700 ssh2 Jun 29 22:21:26 v22018053744266470 sshd[18470]: Failed password for root from 222.186.30.167 port 35700 ssh2 Jun 29 22:21:29 v22018053744266470 sshd[18470]: Failed password for root from 222.186.30.167 port 35700 ssh2 ...	2020-06-30 04:35:33
58.87.87.155	attackspambots	Jun 29 20:49:08 cdc sshd[27967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.87.155 Jun 29 20:49:10 cdc sshd[27967]: Failed password for invalid user cmz from 58.87.87.155 port 39462 ssh2	2020-06-30 04:57:02
192.241.222.52	attackspam	1593460170 - 06/29/2020 21:49:30 Host: 192.241.222.52/192.241.222.52 Port: 161 UDP Blocked	2020-06-30 04:36:06
164.132.57.16	attack	2020-06-29T20:30:04.620725mail.csmailer.org sshd[21470]: Failed password for invalid user smb from 164.132.57.16 port 47722 ssh2 2020-06-29T20:33:03.778261mail.csmailer.org sshd[22011]: Invalid user vr from 164.132.57.16 port 47186 2020-06-29T20:33:03.782283mail.csmailer.org sshd[22011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=16.ip-164-132-57.eu 2020-06-29T20:33:03.778261mail.csmailer.org sshd[22011]: Invalid user vr from 164.132.57.16 port 47186 2020-06-29T20:33:06.075478mail.csmailer.org sshd[22011]: Failed password for invalid user vr from 164.132.57.16 port 47186 ssh2 ...	2020-06-30 04:40:38
198.199.94.247	attackspambots	Icarus honeypot on github	2020-06-30 04:30:50
171.38.151.227	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-06-30 04:43:39
117.36.116.142	attack	2020-06-29T12:49:43.049238suse-nuc sshd[21860]: User root from 117.36.116.142 not allowed because listed in DenyUsers ...	2020-06-30 04:21:54

Recently Reported IPs

27.43.145.165	180.125.217.166	91.40.49.57	109.138.252.103
179.40.48.167	75.171.47.34	54.65.247.117	105.201.252.45
163.6.248.28	110.115.182.64	1.254.52.244	82.190.36.151
210.47.4.177	123.95.191.189	176.131.29.75	186.182.26.84
201.191.6.223	4.79.7.141	114.173.246.74	138.88.196.142